- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated XFree86 4.1.0 packages are available
Advisory ID:       RHSA-2003:064-01
Issue date:        2003-06-25
Updated on:        2003-06-25
Product:           Red Hat Linux
Keywords:          
Cross references:  
Obsoletes:         RHBA-2002:068
CVE Names:         CAN-2001-1409 CAN-2002-0164 CAN-2002-1510 CAN-2003-0063 CAN-2003-0071
- ---------------------------------------------------------------------

1. Topic:

Updated XFree86 packages that resolve various security issues and
additionally provide a number of bug fixes and enhancements are now
available for Red Hat Linux 7.1 and 7.2.

2. Relevant releases/architectures:

Red Hat Linux 7.1 - i386
Red Hat Linux 7.2 - i386, ia64

3. Problem description:

XFree86 is an implementation of the X Window System, which provides the
graphical user interface, video drivers, etc. for Linux systems.

Since the last XFree86 update for Red Hat Linux 7.1 and 7.2, a number of
security vulnerabilities have been found and fixed.  In addition, various
other bug fixes, driver updates, and other enhancements have been made.

Security fixes:

Xterm, provided as part of the XFree86 packages, provides an escape
sequence for reporting the current window title.  This escape sequence
essentially takes the current title and places it directly on the command
line. An attacker can craft an escape sequence that sets the victim's Xterm
window title to an arbitrary command, and then reports it to the command
line.   Since it is not possible to embed a carriage return into the window
title, the attacker would then have to convince the victim to press Enter
for the shell to process the title as a command, although the attacker
could craft other escape sequences that might convince the victim to do so.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0063 to this issue.

It is possible to lock up versions of Xterm by sending an invalid DEC
UDK escape sequence.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0071 to this issue.

The xdm display manager, with the authComplain variable set to false,
allows arbitrary attackers to connect to the X server if the xdm auth
directory does not exist.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2002-1510 to this issue.

These erratum packages also contain an updated fix for CAN-2002-0164, a
vulnerability in the MIT-SHM extension of the X server that allows local
users to read and write arbitrary shared memory.  The original fix did not
cover the case where the X server is started from xdm.

The X server was setting the /dev/dri directory permissions incorrectly,
which resulted in the directory being world writable.  It now sets the
directory permissions to a safe value.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2001-1409 to
this issue.

Driver updates and other fixes:

The Rage 128 video driver (r128) has been updated to provide 2D support
for all previously unsupported ATI Rage 128 hardware.  DRI 3D support
should also work on the majority of Rage 128 hardware.

Bad page size assumptions in the ATI Radeon video driver (radeon) have
been fixed to allow the driver to work properly on ia64 and other
architectures where the page size is not fixed.

A long-standing XFree86 bug has been fixed.  This bug occurs when any form
of system clock skew (such as NTP clock synchronization, APM suspend/resume
cycling on laptops, daylight savings time changeover, or even manually
setting the system clock forward or backward) could result in odd
application behavior, mouse and keyboard lockups, or even an X server hang
or crash.

The S3 Savage driver (savage) has been updated to the upstream author's
latest version "1.1.27t", which should fix numerous bugs reported by
various users, as well as adding support for some newer savage hardware.

Users are advised to upgrade to these updated packages, which are not
vulnerable to the previously-mentioned security issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. RPMs required:

Red Hat Linux 7.1:

SRPMS: 
 

i386: 
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
 

Red Hat Linux 7.2:

SRPMS: 
 

i386: 
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
 

ia64: 
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
 



6. Verification:

MD5 sum                          Package Name
- --------------------------------------------------------------------------
255e508c0444be66aad401f48ec0e6a6 7.1/en/os/SRPMS/XFree86-4.1.0-49.src.rpm
65e1eb830be72af2f7538ee5e1fd0fea 7.1/en/os/i386/XFree86-100dpi-fonts-4.1.0-49.i386.rpm
18cc85bff08f8247c9fea09283ccf45a 7.1/en/os/i386/XFree86-4.1.0-49.i386.rpm
930d4edb4899f1b78cdc1cd2b19ab38c 7.1/en/os/i386/XFree86-75dpi-fonts-4.1.0-49.i386.rpm
0cce2b5afb99c32e926ef43261ff2250 7.1/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.i386.rpm
af88742bd8458f8e57cdf6e531457536 7.1/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.i386.rpm
e05cf77457ccd3e315e9d3d591782c7a 7.1/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.i386.rpm
e95df2e86f1d88fe89ef1f14a71fdccd 7.1/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.i386.rpm
71ec6519410e65aad2eae4bdfe500975 7.1/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.i386.rpm
ffa9344eb347d7d12ab87bba652fa562 7.1/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.i386.rpm
e475560e7c1fb62a196993415dfab7de 7.1/en/os/i386/XFree86-Xnest-4.1.0-49.i386.rpm
dfa2b9213032074d9f08781042ca05f2 7.1/en/os/i386/XFree86-Xvfb-4.1.0-49.i386.rpm
0025f3055761f8ac4b1eb392d076f3fd 7.1/en/os/i386/XFree86-cyrillic-fonts-4.1.0-49.i386.rpm
987897ce80f44dc702f162e0f0aea0d9 7.1/en/os/i386/XFree86-devel-4.1.0-49.i386.rpm
a46de8247fa2ab6b14b80e37d3604876 7.1/en/os/i386/XFree86-doc-4.1.0-49.i386.rpm
f77a9ccd1b80e73bc281d3a23698d646 7.1/en/os/i386/XFree86-libs-4.1.0-49.i386.rpm
f234a38c406ec59d1797b2261394838c 7.1/en/os/i386/XFree86-tools-4.1.0-49.i386.rpm
270de02f4185ad7071d4ffbe41d21e3e 7.1/en/os/i386/XFree86-twm-4.1.0-49.i386.rpm
1307c2f687fa2885fcf31a5dc6ab8316 7.1/en/os/i386/XFree86-xdm-4.1.0-49.i386.rpm
37e289141f240cd67e5592ba5a08576c 7.1/en/os/i386/XFree86-xf86cfg-4.1.0-49.i386.rpm
8356bc88316bc141ae069a6035343a67 7.1/en/os/i386/XFree86-xfs-4.1.0-49.i386.rpm
255e508c0444be66aad401f48ec0e6a6 7.2/en/os/SRPMS/XFree86-4.1.0-49.src.rpm
65e1eb830be72af2f7538ee5e1fd0fea 7.2/en/os/i386/XFree86-100dpi-fonts-4.1.0-49.i386.rpm
18cc85bff08f8247c9fea09283ccf45a 7.2/en/os/i386/XFree86-4.1.0-49.i386.rpm
930d4edb4899f1b78cdc1cd2b19ab38c 7.2/en/os/i386/XFree86-75dpi-fonts-4.1.0-49.i386.rpm
0cce2b5afb99c32e926ef43261ff2250 7.2/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.i386.rpm
af88742bd8458f8e57cdf6e531457536 7.2/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.i386.rpm
e05cf77457ccd3e315e9d3d591782c7a 7.2/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.i386.rpm
e95df2e86f1d88fe89ef1f14a71fdccd 7.2/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.i386.rpm
71ec6519410e65aad2eae4bdfe500975 7.2/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.i386.rpm
ffa9344eb347d7d12ab87bba652fa562 7.2/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.i386.rpm
e475560e7c1fb62a196993415dfab7de 7.2/en/os/i386/XFree86-Xnest-4.1.0-49.i386.rpm
dfa2b9213032074d9f08781042ca05f2 7.2/en/os/i386/XFree86-Xvfb-4.1.0-49.i386.rpm
0025f3055761f8ac4b1eb392d076f3fd 7.2/en/os/i386/XFree86-cyrillic-fonts-4.1.0-49.i386.rpm
987897ce80f44dc702f162e0f0aea0d9 7.2/en/os/i386/XFree86-devel-4.1.0-49.i386.rpm
a46de8247fa2ab6b14b80e37d3604876 7.2/en/os/i386/XFree86-doc-4.1.0-49.i386.rpm
f77a9ccd1b80e73bc281d3a23698d646 7.2/en/os/i386/XFree86-libs-4.1.0-49.i386.rpm
f234a38c406ec59d1797b2261394838c 7.2/en/os/i386/XFree86-tools-4.1.0-49.i386.rpm
270de02f4185ad7071d4ffbe41d21e3e 7.2/en/os/i386/XFree86-twm-4.1.0-49.i386.rpm
1307c2f687fa2885fcf31a5dc6ab8316 7.2/en/os/i386/XFree86-xdm-4.1.0-49.i386.rpm
37e289141f240cd67e5592ba5a08576c 7.2/en/os/i386/XFree86-xf86cfg-4.1.0-49.i386.rpm
8356bc88316bc141ae069a6035343a67 7.2/en/os/i386/XFree86-xfs-4.1.0-49.i386.rpm
3338235d20c3b3b96deda7a7bb09411a 7.2/en/os/ia64/XFree86-100dpi-fonts-4.1.0-49.ia64.rpm
cec6acd6c87f466e41a61540196de1ff 7.2/en/os/ia64/XFree86-4.1.0-49.ia64.rpm
36def6fde64cd3580df217356b07ffc8 7.2/en/os/ia64/XFree86-75dpi-fonts-4.1.0-49.ia64.rpm
f9f2c6648a3abba91225769e1c7d3c46 7.2/en/os/ia64/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.ia64.rpm
a952f30917499b8d82944238863aae35 7.2/en/os/ia64/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.ia64.rpm
3ddc6202621fa123a148a5d6782279cd 7.2/en/os/ia64/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.ia64.rpm
fb13416b693b2e1b2b16540a88b40649 7.2/en/os/ia64/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.ia64.rpm
503f01aa9bffc2f68fbe7201e6ccc3ed 7.2/en/os/ia64/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.ia64.rpm
67e91206b634e6de793c3e9c6679bd15 7.2/en/os/ia64/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.ia64.rpm
75f485800cefecf55673f3936e3874a2 7.2/en/os/ia64/XFree86-Xnest-4.1.0-49.ia64.rpm
76f0e50b47ab9acf852b0b80f3713295 7.2/en/os/ia64/XFree86-Xvfb-4.1.0-49.ia64.rpm
b84ddb8960c7785d03e69c6d231f11b1 7.2/en/os/ia64/XFree86-cyrillic-fonts-4.1.0-49.ia64.rpm
e93b07925b011af368a94231d1a5583c 7.2/en/os/ia64/XFree86-devel-4.1.0-49.ia64.rpm
65050c1656f2e42486af9a653ab7c804 7.2/en/os/ia64/XFree86-doc-4.1.0-49.ia64.rpm
f43d26478bf23d7b7a9b05fa35d76d06 7.2/en/os/ia64/XFree86-libs-4.1.0-49.ia64.rpm
cf6c46c53d41081ae4662e17a89b3ab8 7.2/en/os/ia64/XFree86-tools-4.1.0-49.ia64.rpm
8f71e3738a26c29439b7b5abd3499966 7.2/en/os/ia64/XFree86-twm-4.1.0-49.ia64.rpm
491e50e22765f54d04f542c386f5a322 7.2/en/os/ia64/XFree86-xdm-4.1.0-49.ia64.rpm
17df02a97c217e0b507fac05fbe3608c 7.2/en/os/ia64/XFree86-xfs-4.1.0-49.ia64.rpm


These packages are GPG signed by Red Hat for security.  Our key is
available from  Product Signing Keys - Red Hat Customer Portal

You can verify each package with the following command:
    
    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum 


7. References:
 
CVE -CVE-2001-1409 
CVE -CVE-2002-0164 
CVE -CVE-2002-1510 
CVE -CVE-2003-0063 
CVE -CVE-2003-0071

8. Contact:

The Red Hat security contact is <secalert@RedHat.com>.  More contact
details at  All Red Hat products

Copyright 2003 Red Hat, Inc.

RedHat: XFree86 multiple vulnerabilities

Since the last XFree86 update for Red Hat Linux 7.1 and 7.2, a number of security vulnerabilities have been found and fixed.

Summary



Summary

XFree86 is an implementation of the X Window System, which provides thegraphical user interface, video drivers, etc. for Linux systems.Since the last XFree86 update for Red Hat Linux 7.1 and 7.2, a number ofsecurity vulnerabilities have been found and fixed. In addition, variousother bug fixes, driver updates, and other enhancements have been made.Security fixes:Xterm, provided as part of the XFree86 packages, provides an escapesequence for reporting the current window title. This escape sequenceessentially takes the current title and places it directly on the commandline. An attacker can craft an escape sequence that sets the victim's Xtermwindow title to an arbitrary command, and then reports it to the commandline. Since it is not possible to embed a carriage return into the windowtitle, the attacker would then have to convince the victim to press Enterfor the shell to process the title as a command, although the attackercould craft other escape sequences that might convince the victim to do so.The Common Vulnerabilities and Exposures project (cve.mitre.org) hasassigned the name CAN-2003-0063 to this issue.It is possible to lock up versions of Xterm by sending an invalid DECUDK escape sequence. The Common Vulnerabilities and Exposures project(cve.mitre.org) has assigned the name CAN-2003-0071 to this issue.The xdm display manager, with the authComplain variable set to false,allows arbitrary attackers to connect to the X server if the xdm authdirectory does not exist. The Common Vulnerabilities and Exposures project(cve.mitre.org) has assigned the name CAN-2002-1510 to this issue.These erratum packages also contain an updated fix for CAN-2002-0164, avulnerability in the MIT-SHM extension of the X server that allows localusers to read and write arbitrary shared memory. The original fix did notcover the case where the X server is started from xdm.The X server was setting the /dev/dri directory permissions incorrectly,which resulted in the directory being world writable. It now sets thedirectory permissions to a safe value. The Common Vulnerabilities andExposures project (cve.mitre.org) has assigned the name CAN-2001-1409 tothis issue.Driver updates and other fixes:The Rage 128 video driver (r128) has been updated to provide 2D supportfor all previously unsupported ATI Rage 128 hardware. DRI 3D supportshould also work on the majority of Rage 128 hardware.Bad page size assumptions in the ATI Radeon video driver (radeon) havebeen fixed to allow the driver to work properly on ia64 and otherarchitectures where the page size is not fixed.A long-standing XFree86 bug has been fixed. This bug occurs when any formof system clock skew (such as NTP clock synchronization, APM suspend/resumecycling on laptops, daylight savings time changeover, or even manuallysetting the system clock forward or backward) could result in oddapplication behavior, mouse and keyboard lockups, or even an X server hangor crash.The S3 Savage driver (savage) has been updated to the upstream author'slatest version "1.1.27t", which should fix numerous bugs reported byvarious users, as well as adding support for some newer savage hardware.Users are advised to upgrade to these updated packages, which are notvulnerable to the previously-mentioned security issues.


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. RPMs required:
Red Hat Linux 7.1:
SRPMS:

i386:




















Red Hat Linux 7.2:
SRPMS:

i386:




















ia64:





















6. Verification:
MD5 sum Package Name 255e508c0444be66aad401f48ec0e6a6 7.1/en/os/SRPMS/XFree86-4.1.0-49.src.rpm 65e1eb830be72af2f7538ee5e1fd0fea 7.1/en/os/i386/XFree86-100dpi-fonts-4.1.0-49.i386.rpm 18cc85bff08f8247c9fea09283ccf45a 7.1/en/os/i386/XFree86-4.1.0-49.i386.rpm 930d4edb4899f1b78cdc1cd2b19ab38c 7.1/en/os/i386/XFree86-75dpi-fonts-4.1.0-49.i386.rpm 0cce2b5afb99c32e926ef43261ff2250 7.1/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.i386.rpm af88742bd8458f8e57cdf6e531457536 7.1/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.i386.rpm e05cf77457ccd3e315e9d3d591782c7a 7.1/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.i386.rpm e95df2e86f1d88fe89ef1f14a71fdccd 7.1/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.i386.rpm 71ec6519410e65aad2eae4bdfe500975 7.1/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.i386.rpm ffa9344eb347d7d12ab87bba652fa562 7.1/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.i386.rpm e475560e7c1fb62a196993415dfab7de 7.1/en/os/i386/XFree86-Xnest-4.1.0-49.i386.rpm dfa2b9213032074d9f08781042ca05f2 7.1/en/os/i386/XFree86-Xvfb-4.1.0-49.i386.rpm 0025f3055761f8ac4b1eb392d076f3fd 7.1/en/os/i386/XFree86-cyrillic-fonts-4.1.0-49.i386.rpm 987897ce80f44dc702f162e0f0aea0d9 7.1/en/os/i386/XFree86-devel-4.1.0-49.i386.rpm a46de8247fa2ab6b14b80e37d3604876 7.1/en/os/i386/XFree86-doc-4.1.0-49.i386.rpm f77a9ccd1b80e73bc281d3a23698d646 7.1/en/os/i386/XFree86-libs-4.1.0-49.i386.rpm f234a38c406ec59d1797b2261394838c 7.1/en/os/i386/XFree86-tools-4.1.0-49.i386.rpm 270de02f4185ad7071d4ffbe41d21e3e 7.1/en/os/i386/XFree86-twm-4.1.0-49.i386.rpm 1307c2f687fa2885fcf31a5dc6ab8316 7.1/en/os/i386/XFree86-xdm-4.1.0-49.i386.rpm 37e289141f240cd67e5592ba5a08576c 7.1/en/os/i386/XFree86-xf86cfg-4.1.0-49.i386.rpm 8356bc88316bc141ae069a6035343a67 7.1/en/os/i386/XFree86-xfs-4.1.0-49.i386.rpm 255e508c0444be66aad401f48ec0e6a6 7.2/en/os/SRPMS/XFree86-4.1.0-49.src.rpm 65e1eb830be72af2f7538ee5e1fd0fea 7.2/en/os/i386/XFree86-100dpi-fonts-4.1.0-49.i386.rpm 18cc85bff08f8247c9fea09283ccf45a 7.2/en/os/i386/XFree86-4.1.0-49.i386.rpm 930d4edb4899f1b78cdc1cd2b19ab38c 7.2/en/os/i386/XFree86-75dpi-fonts-4.1.0-49.i386.rpm 0cce2b5afb99c32e926ef43261ff2250 7.2/en/os/i386/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.i386.rpm af88742bd8458f8e57cdf6e531457536 7.2/en/os/i386/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.i386.rpm e05cf77457ccd3e315e9d3d591782c7a 7.2/en/os/i386/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.i386.rpm e95df2e86f1d88fe89ef1f14a71fdccd 7.2/en/os/i386/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.i386.rpm 71ec6519410e65aad2eae4bdfe500975 7.2/en/os/i386/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.i386.rpm ffa9344eb347d7d12ab87bba652fa562 7.2/en/os/i386/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.i386.rpm e475560e7c1fb62a196993415dfab7de 7.2/en/os/i386/XFree86-Xnest-4.1.0-49.i386.rpm dfa2b9213032074d9f08781042ca05f2 7.2/en/os/i386/XFree86-Xvfb-4.1.0-49.i386.rpm 0025f3055761f8ac4b1eb392d076f3fd 7.2/en/os/i386/XFree86-cyrillic-fonts-4.1.0-49.i386.rpm 987897ce80f44dc702f162e0f0aea0d9 7.2/en/os/i386/XFree86-devel-4.1.0-49.i386.rpm a46de8247fa2ab6b14b80e37d3604876 7.2/en/os/i386/XFree86-doc-4.1.0-49.i386.rpm f77a9ccd1b80e73bc281d3a23698d646 7.2/en/os/i386/XFree86-libs-4.1.0-49.i386.rpm f234a38c406ec59d1797b2261394838c 7.2/en/os/i386/XFree86-tools-4.1.0-49.i386.rpm 270de02f4185ad7071d4ffbe41d21e3e 7.2/en/os/i386/XFree86-twm-4.1.0-49.i386.rpm 1307c2f687fa2885fcf31a5dc6ab8316 7.2/en/os/i386/XFree86-xdm-4.1.0-49.i386.rpm 37e289141f240cd67e5592ba5a08576c 7.2/en/os/i386/XFree86-xf86cfg-4.1.0-49.i386.rpm 8356bc88316bc141ae069a6035343a67 7.2/en/os/i386/XFree86-xfs-4.1.0-49.i386.rpm 3338235d20c3b3b96deda7a7bb09411a 7.2/en/os/ia64/XFree86-100dpi-fonts-4.1.0-49.ia64.rpm cec6acd6c87f466e41a61540196de1ff 7.2/en/os/ia64/XFree86-4.1.0-49.ia64.rpm 36def6fde64cd3580df217356b07ffc8 7.2/en/os/ia64/XFree86-75dpi-fonts-4.1.0-49.ia64.rpm f9f2c6648a3abba91225769e1c7d3c46 7.2/en/os/ia64/XFree86-ISO8859-15-100dpi-fonts-4.1.0-49.ia64.rpm a952f30917499b8d82944238863aae35 7.2/en/os/ia64/XFree86-ISO8859-15-75dpi-fonts-4.1.0-49.ia64.rpm 3ddc6202621fa123a148a5d6782279cd 7.2/en/os/ia64/XFree86-ISO8859-2-100dpi-fonts-4.1.0-49.ia64.rpm fb13416b693b2e1b2b16540a88b40649 7.2/en/os/ia64/XFree86-ISO8859-2-75dpi-fonts-4.1.0-49.ia64.rpm 503f01aa9bffc2f68fbe7201e6ccc3ed 7.2/en/os/ia64/XFree86-ISO8859-9-100dpi-fonts-4.1.0-49.ia64.rpm 67e91206b634e6de793c3e9c6679bd15 7.2/en/os/ia64/XFree86-ISO8859-9-75dpi-fonts-4.1.0-49.ia64.rpm 75f485800cefecf55673f3936e3874a2 7.2/en/os/ia64/XFree86-Xnest-4.1.0-49.ia64.rpm 76f0e50b47ab9acf852b0b80f3713295 7.2/en/os/ia64/XFree86-Xvfb-4.1.0-49.ia64.rpm b84ddb8960c7785d03e69c6d231f11b1 7.2/en/os/ia64/XFree86-cyrillic-fonts-4.1.0-49.ia64.rpm e93b07925b011af368a94231d1a5583c 7.2/en/os/ia64/XFree86-devel-4.1.0-49.ia64.rpm 65050c1656f2e42486af9a653ab7c804 7.2/en/os/ia64/XFree86-doc-4.1.0-49.ia64.rpm f43d26478bf23d7b7a9b05fa35d76d06 7.2/en/os/ia64/XFree86-libs-4.1.0-49.ia64.rpm cf6c46c53d41081ae4662e17a89b3ab8 7.2/en/os/ia64/XFree86-tools-4.1.0-49.ia64.rpm 8f71e3738a26c29439b7b5abd3499966 7.2/en/os/ia64/XFree86-twm-4.1.0-49.ia64.rpm 491e50e22765f54d04f542c386f5a322 7.2/en/os/ia64/XFree86-xdm-4.1.0-49.ia64.rpm 17df02a97c217e0b507fac05fbe3608c 7.2/en/os/ia64/XFree86-xfs-4.1.0-49.ia64.rpm

These packages are GPG signed by Red Hat for security. Our key is available from Product Signing Keys - Red Hat Customer Portal
You can verify each package with the following command:
rpm --checksig -v
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:
md5sum

References

CVE -CVE-2001-1409 CVE -CVE-2002-0164 CVE -CVE-2002-1510 CVE -CVE-2003-0063 CVE -CVE-2003-0071

Package List


Severity
Advisory ID: RHSA-2003:064-01
Issued Date: : 2003-06-25
Updated on: 2003-06-25
Product: Red Hat Linux
Keywords:
Cross references:
Obsoletes: RHBA-2002:068
CVE Names: CAN-2001-1409 CAN-2002-0164 CAN-2002-1510 CAN-2003-0063 CAN-2003-0071

Topic


Topic

Updated XFree86 packages that resolve various security issues and

additionally provide a number of bug fixes and enhancements are now

available for Red Hat Linux 7.1 and 7.2.


 

Relevant Releases Architectures

Red Hat Linux 7.1 - i386

Red Hat Linux 7.2 - i386, ia64


Bugs Fixed


Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved